Researchers from Israel's Ben-Gurion University have uncovered a new method for data theft from computers operating in air-gapped environments using smartwatches. According to NotebookCheck, this cyberattack method, named SmartAttack, allows for the transmission of confidential information through ultrasonic signals—frequencies ranging from 18 to 22 kHz that are inaudible to the human ear.

The essence of the attack lies in the fact that the infected computer encodes the data into an ultrasonic signal, which is then transmitted to the microphone of the smartwatch. The device subsequently relays the information via Wi-Fi or Bluetooth, bypassing the physical isolation of the computer. Since smartphones are often banned in secured areas, and smartwatches are less regulated and typically worn on the user's wrist, their use proves practical for such attacks.

During experiments, data was successfully transmitted over distances of up to 6 meters at a rate of 50 bits per second. Although the method requires both computer infection and the physical presence of the watch, researchers warn that the risks are significant for structures relying on physical isolation as their primary defense.

This research calls for a review of policies regarding wearable devices in high-security areas.